Posted
by
timothy
on Wednesday February 24, 2016 @08:41AM
from the check-the-trench-again dept.

An anonymous reader writes: Japanese energy, oil and gas, and transport industries have been among those targeted by a group of cyberattackers focusing its efforts on Japanese critical infrastructure. According to research at Cylance SPEAR, the cyber threat group had previously been targeting U.S. defence agencies but has recently turned its attention to East Asia. While SPEAR does not believe the criminals have yet conducted "destructive or disruptive" attacks, it argues that they have been patiently and persistently spying on a range of Japanese organisations, such as construction companies and financial firms. The researchers have dubbed the campaign Operation Dust Storm, and have identified phishing lures related to current affairs as the attackers' tool of choice. SPEAR noted that the cyberattack group has managed to stay under the radar by registering new domain names, relying heavily on Dynamic DNS, and using a range of customised backdoors – especially a number of second-stage backdoors with hardcoded proxy addresses and credentials. The group also adopted several Android backdoors to support its mobile operations.

In the "new/reimagined/rebooted" Battlestar Galactica TV series, Commander Adama kept key computers on the ship isolated from each other to make it that much harder for the Cylons to take over the ship. As a result, they computers were a lot less useful than on most ships, where the computers worked together. But they were much safer from attack.

It's far past time for the world to adopt this "don't connect key networks to other networks" philosophy for industrial-control computers and other computers wher

It's China. Everyone knows it's China. Nobody should be surprised that it is, in fact China. In fact you, should be extremely surprised if it turns out not to be China.

China has been conducting a whole lot of saber rattling as they stretch out their newly found economic and military might. Right now it's a lot of grandstanding and rearranging deck chairs on barren useless islands and petty games involving dumping gravel on coral reefs and pretending that they're islands.

"Japanese energy, oil and gas, and transport industries have been among those targeted by a group of cyberattackers focusing its efforts on Japanese critical infrastructure"

Have the Japanese considered not connecting their critical infrastructure directly to the Internet? Instead of introducing even more surveillance on the civilian population. Purely in the interests of catching the cyber attackers and protecting the critical infrastructure.
--